<?php

include "../../dbaccess.php";
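// Open a persistent MySQL connection. $dbserver, $dbuser and $dbpassword are
// not defined in this file; they are expected to come from dbaccess.php.
$connector = mysql_pconnect($dbserver, $dbuser, $dbpassword);
// Drop the credentials from scope as soon as they have been used.
unset ($dbuser, $dbpassword, $dbserver);

if ($connector === false) {
  // There is no link to hand to mysql_error() when the connect itself failed.
  // The driver message goes to the server log only: it can name the host and
  // account, which the HTTP client has no need to see.
  error_log('CardRef lookup: database connection failed: '.mysql_error());
  header('Content-Type: text/plain; charset=utf-8', true, 500);
  die('Database unavailable');
}

if (!mysql_select_db('gasilvis_EggenCards2', $connector)) {
  error_log('CardRef lookup: cannot select database: '.mysql_error($connector));
  header('Content-Type: text/plain; charset=utf-8', true, 500);
  die('Database unavailable');
}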

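// Build the CardRef filter query from the optional query-string parameters.
//
// Every value arrives straight from the request, so none of it is placed into
// the SQL text unchecked:
//   - numeric columns are emitted unquoted and must therefore be plain
//     integers; anything else is rejected with a 400;
//   - text columns are escaped with mysql_real_escape_string() before being
//     wrapped in quotes.
// NOTE(review): mysql_real_escape_string() escapes for the connection's
// character set and no mysql_set_charset() call is visible in this file;
// confirm the charset is set (e.g. in dbaccess.php) or set it after connecting.
// NOTE(review): PDF, Page and Orientation are assumed to be integer columns
// (the response prints them as bare JSON numbers); widen the pattern if not.
$q= "SELECT * FROM CardRef";

// column => array(comparison operator, value is numeric)
// The order matches the order in which conditions are appended.
$filters= array(
  'Box'            => array('=',  false),
  'Bundle'         => array('=',  false),
  'PDF'            => array('=',  true),
  'Page'           => array('>=', true),
  'Classification' => array('=',  false),
  'Color'          => array('=',  false),
  'Orientation'    => array('=',  true),
  'Note'           => array('=',  false),
);

$conditions= array();
foreach ($filters as $column => $spec) {
  if (!isset($_GET[$column])) {
    continue;
  }
  // "Box[]=x" style parameters arrive as arrays; trim() cannot handle them.
  if (!is_string($_GET[$column])) {
    header('Content-Type: text/plain; charset=utf-8', true, 400);
    die('Invalid value for '.$column);
  }
  $i= trim($_GET[$column]);

  if ($spec[1]) {
    if (!preg_match('/\A-?[0-9]+\z/', $i)) {
      header('Content-Type: text/plain; charset=utf-8', true, 400);
      die('Invalid value for '.$column);
    }
    $conditions[]= $column.$spec[0].$i;
  } else {
    $conditions[]= $column.$spec[0]."\"".mysql_real_escape_string($i)."\"";
  }
}

if ($conditions) {
  $q= $q." WHERE ".implode(" AND ", $conditions);
}
$q= $q." ORDER BY Box, Bundle, PDF, Page LIMIT 3000";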


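// CardKey lookup: replaces whatever query the filter fields produced.
if (isset($_GET['CardKey'])) {
  $i= is_string($_GET['CardKey']) ? trim($_GET['CardKey']) : '';
  // The key is emitted unquoted into the SQL text, so it must be an integer.
  if (!preg_match('/\A-?[0-9]+\z/', $i)) {
    header('Content-Type: text/plain; charset=utf-8', true, 400);
    die('Invalid value for CardKey');
  }
  $q= "SELECT * FROM CardRef";
  $q= $q." WHERE CardKey>=".$i;
  $q= $q." ORDER BY CardKey LIMIT 100";
}
// StarName lookup: also replaces the filter query. Only reached when no
// CardKey was given.
elseif (isset($_GET['StarName'])) {
  if (!is_string($_GET['StarName'])) {
    header('Content-Type: text/plain; charset=utf-8', true, 400);
    die('Invalid value for StarName');
  }
  $sn= trim($_GET['StarName']);

  $q="SELECT * FROM CardRef LEFT JOIN Star ON CardRef.CardKey = Star.CardKey";

  // Ask the name resolver for every alias of the star. The name itself only
  // ever goes into the resolver URL (url-encoded), never into the SQL text.
  $xml= simplexml_load_file("http://vizier.cfa.harvard.edu/viz-bin/nph-sesame/-oxI/~S?".urlencode($sn));

  // simplexml_load_file() returns false when the fetch or the parse fails.
  // NOTE(review): in that case, and when the resolver returns no alias, the
  // query below has no WHERE clause and returns the first 3000 joined rows,
  // as the original did; confirm that this is the intended fallback.
  $first= true;
  if ($xml !== false && $xml->Target->Resolver) {
    foreach ($xml->Target->Resolver->children() as $child) {
      if ($child->getName() === 'alias') {
        // The alias text comes from a remote service reached over plain HTTP,
        // so it is escaped like any other untrusted value before being quoted.
        // NOTE(review): mysql_real_escape_string() escapes for the connection's
        // character set; no mysql_set_charset() call is visible in this file.
        $alias= (string) $child;
        $q= $q.($first?" WHERE":" OR")." Star.Starname = \"".mysql_real_escape_string($alias)."\"";
        $first= false;
        // there are 6000 entries with spaces removed..
        $q= $q." OR Star.Starname = \"".mysql_real_escape_string(str_replace(' ','',$alias))."\"";
      }
    }
  }

  $q= $q." ORDER BY Box, Bundle, PDF, Page LIMIT 3000";
}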




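// JSONP callback name. It is echoed verbatim at the start of the response, so
// it is restricted to a dotted JavaScript identifier; anything else would let
// the caller choose arbitrary response content. A missing or empty callback is
// still accepted and yields the bare "([...])" form the original produced.
$callback= '';
if (isset($_GET['callback'])) {
  $callback= is_string($_GET['callback']) ? trim($_GET['callback']) : null;
  if ($callback === null
      || strlen($callback) > 128
      || ($callback !== '' && !preg_match('/\A[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/', $callback))) {
    header('Content-Type: text/plain; charset=utf-8', true, 400);
    die('Invalid callback');
  }
}

$dataReturned = mysql_query($q);
if ($dataReturned === false) {
  // Keep the driver message (which can echo parts of the query and schema)
  // in the server log instead of sending it to the client.
  error_log('CardRef lookup: query failed: '.mysql_error());
  header('Content-Type: text/plain; charset=utf-8', true, 500);
  die('Query failed');
}

// Declare the response as script rather than the default text/html, and tell
// browsers not to second-guess that type.
header('Content-Type: application/javascript; charset=utf-8');
header('X-Content-Type-Options: nosniff');

echo $callback;
echo '([';

// Escape <, >, &, ' and " as \uXXXX so a stored value cannot break out of the
// JSON string or of a surrounding HTML context.
$jsonFlags= JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

$f= false;
$lastCK= null;
while ($row = mysql_fetch_assoc($dataReturned)) {
  $ck= $row['CardKey'];
  // Consecutive rows with the same CardKey are duplicates; emit only the first.
  if ($lastCK === $ck) {
    continue;
  }
  $lastCK= $ck;

  // Text columns are emitted as JSON strings, numeric columns as JSON numbers
  // (null when the stored value is not numeric). Note stays url-encoded, as
  // existing clients expect to decode it.
  $card= array(
    'Box'            => (string) $row['Box'],
    'Bundle'         => (string) $row['Bundle'],
    'PDF'            => is_numeric($row['PDF']) ? $row['PDF'] + 0 : null,
    'Page'           => is_numeric($row['Page']) ? $row['Page'] + 0 : null,
    'Color'          => (string) $row['Color'],
    'Classification' => (string) $row['Classification'],
    'Note'           => urlencode((string) $row['Note']),
    'Orientation'    => is_numeric($row['Orientation']) ? $row['Orientation'] + 0 : null,
    'CardKey'        => is_numeric($ck) ? $ck + 0 : null,
  );

  $encoded= json_encode($card, $jsonFlags);
  if ($encoded === false) {
    // Typically a value that is not valid UTF-8; skip the row rather than
    // emit a broken response.
    error_log('CardRef lookup: could not encode row with CardKey '.$ck);
    continue;
  }

  if ($f) echo ',';
  $f= true;
  echo $encoded;
}

echo '])';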

?>